In accordance with company requirements, the Oracle Analytics Development team requires a dedicated Security Point of Contact (SPOC). This role has been fulfilled part-time by different developers, but the sheer number of security efforts and products employed by the Analytics team necessitates a full-time resource.
**Short description displayed on job tile**
As part of Oracle's Analytics team, the Security Lead is responsible for reducing security assurance risk in their Line of Business. They need to develop a security culture in their organization and ensure that all security activities are effective at avoiding, mitigating, finding and fixing vulnerabilities
**Job description displayed in the job posting**
The engineer will be expected to participate in security project tasks on an as needed basis and interact directly with security organizations and multiple Lines of Business globally.
**Preferred Qualifications**:
- 6+ years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation (Networking, Endpoint, System Level Security) required.
- Experience with at least one enterprise-scale of the following security platforms: SIEM, Antivirus, Endpoint Detection and Response
- Strong experience in cloud computing and building secure environments in the cloud utilizing tools such as Terraform &| Ansible.
- Experience in security aspects of multiple platforms, operating systems (Linux and Windows servers), software, communications, and network protocols
- Understanding of networking protocols and infrastructure designs; including routing, network ports and protocols, host and network intrusion detection systems, encryption, load balancing, and other network infrastructure
- Knowledge of security processes and technologies including threat detection, firewall functionality, security monitoring, and specific tools: SIEM, AV, IDS/IPS
- Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with development management and staff.
- Dedicated and self-driven desire to maintain knowledge of current security threats and countermeasures; enthusiastic team-member
A Security Lead is responsible for reducing security assurance risk in their Line of Business. They need to develop a security culture in their organization and ensure that all security activities are effective at avoiding, mitigating, finding and fixing vulnerabilities.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard security practices and procedures.
- Monitor, develop, and maintain enterprise security tooling program including Security Information and Event Management (SIEM), Endpoint Protection, and Web Application Firewalls in both and engineering and analyst capacity.
- Work directly with system owners to implement security controls and configure security tools to meet a variety of requirements.
- Reduce risk by enhancing existing security tools and processes within the organization
- Support for Reported Product Security Vulnerabilities - Have the skills to review code fixes of security bugs in their areas of responsibility
- Technical Guidance for Ongoing Product Development - During the design phase, the Security Lead must ensure that product functional and design specifications include security considerations for every release
- Cloud Engineering Infrastructure Development
- Security Community Activity Leadership - The Security Lead must coordinate the various security activities for the respective product family
- Product Security Compliance - A major component of the Security Lead function is to identify and quantify security risks for management, especially product risks for customers and the consequential risks to the Oracle brand.
- Participate in a Rotational On-Call schedule for Critical issues (we strive to make sure this is truly as rare as it can be)